diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/__init__.py b/azure-mgmt-sql/azure/mgmt/sql/models/__init__.py index a1dcb657e770..921235f71ce5 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/models/__init__.py +++ b/azure-mgmt-sql/azure/mgmt/sql/models/__init__.py @@ -48,7 +48,6 @@ from .transparent_data_encryption_activity_py3 import TransparentDataEncryptionActivity from .server_usage_py3 import ServerUsage from .database_usage_py3 import DatabaseUsage - from .database_blob_auditing_policy_py3 import DatabaseBlobAuditingPolicy from .automatic_tuning_options_py3 import AutomaticTuningOptions from .database_automatic_tuning_py3 import DatabaseAutomaticTuning from .encryption_protector_py3 import EncryptionProtector @@ -81,6 +80,10 @@ from .sync_member_py3 import SyncMember from .subscription_usage_py3 import SubscriptionUsage from .virtual_network_rule_py3 import VirtualNetworkRule + from .extended_database_blob_auditing_policy_py3 import ExtendedDatabaseBlobAuditingPolicy + from .extended_server_blob_auditing_policy_py3 import ExtendedServerBlobAuditingPolicy + from .server_blob_auditing_policy_py3 import ServerBlobAuditingPolicy + from .database_blob_auditing_policy_py3 import DatabaseBlobAuditingPolicy from .database_vulnerability_assessment_rule_baseline_item_py3 import DatabaseVulnerabilityAssessmentRuleBaselineItem from .database_vulnerability_assessment_rule_baseline_py3 import DatabaseVulnerabilityAssessmentRuleBaseline from .vulnerability_assessment_recurring_scans_properties_py3 import VulnerabilityAssessmentRecurringScansProperties @@ -104,10 +107,12 @@ from .complete_database_restore_definition_py3 import CompleteDatabaseRestoreDefinition from .managed_database_py3 import ManagedDatabase from .managed_database_update_py3 import ManagedDatabaseUpdate + from .sensitivity_label_py3 import SensitivityLabel from .automatic_tuning_server_options_py3 import AutomaticTuningServerOptions from .server_automatic_tuning_py3 import ServerAutomaticTuning from .server_dns_alias_py3 import ServerDnsAlias from .server_dns_alias_acquisition_py3 import ServerDnsAliasAcquisition + from .server_security_alert_policy_py3 import ServerSecurityAlertPolicy from .restore_point_py3 import RestorePoint from .create_database_restore_point_definition_py3 import CreateDatabaseRestorePointDefinition from .database_operation_py3 import DatabaseOperation @@ -184,7 +189,6 @@ from .transparent_data_encryption_activity import TransparentDataEncryptionActivity from .server_usage import ServerUsage from .database_usage import DatabaseUsage - from .database_blob_auditing_policy import DatabaseBlobAuditingPolicy from .automatic_tuning_options import AutomaticTuningOptions from .database_automatic_tuning import DatabaseAutomaticTuning from .encryption_protector import EncryptionProtector @@ -217,6 +221,10 @@ from .sync_member import SyncMember from .subscription_usage import SubscriptionUsage from .virtual_network_rule import VirtualNetworkRule + from .extended_database_blob_auditing_policy import ExtendedDatabaseBlobAuditingPolicy + from .extended_server_blob_auditing_policy import ExtendedServerBlobAuditingPolicy + from .server_blob_auditing_policy import ServerBlobAuditingPolicy + from .database_blob_auditing_policy import DatabaseBlobAuditingPolicy from .database_vulnerability_assessment_rule_baseline_item import DatabaseVulnerabilityAssessmentRuleBaselineItem from .database_vulnerability_assessment_rule_baseline import DatabaseVulnerabilityAssessmentRuleBaseline from .vulnerability_assessment_recurring_scans_properties import VulnerabilityAssessmentRecurringScansProperties @@ -240,10 +248,12 @@ from .complete_database_restore_definition import CompleteDatabaseRestoreDefinition from .managed_database import ManagedDatabase from .managed_database_update import ManagedDatabaseUpdate + from .sensitivity_label import SensitivityLabel from .automatic_tuning_server_options import AutomaticTuningServerOptions from .server_automatic_tuning import ServerAutomaticTuning from .server_dns_alias import ServerDnsAlias from .server_dns_alias_acquisition import ServerDnsAliasAcquisition + from .server_security_alert_policy import ServerSecurityAlertPolicy from .restore_point import RestorePoint from .create_database_restore_point_definition import CreateDatabaseRestorePointDefinition from .database_operation import DatabaseOperation @@ -326,12 +336,14 @@ from .job_version_paged import JobVersionPaged from .long_term_retention_backup_paged import LongTermRetentionBackupPaged from .managed_database_paged import ManagedDatabasePaged +from .sensitivity_label_paged import SensitivityLabelPaged from .server_dns_alias_paged import ServerDnsAliasPaged from .restore_point_paged import RestorePointPaged from .database_operation_paged import DatabaseOperationPaged from .elastic_pool_operation_paged import ElasticPoolOperationPaged from .vulnerability_assessment_scan_record_paged import VulnerabilityAssessmentScanRecordPaged from .instance_failover_group_paged import InstanceFailoverGroupPaged +from .backup_short_term_retention_policy_paged import BackupShortTermRetentionPolicyPaged from .sql_management_client_enums import ( CheckNameAvailabilityReason, ServerConnectionType, @@ -357,7 +369,6 @@ RecommendedIndexType, TransparentDataEncryptionStatus, TransparentDataEncryptionActivityStatus, - BlobAuditingPolicyState, AutomaticTuningMode, AutomaticTuningOptionModeDesired, AutomaticTuningOptionModeActual, @@ -376,6 +387,7 @@ SyncDirection, SyncMemberState, VirtualNetworkRuleState, + BlobAuditingPolicyState, JobAgentState, JobExecutionLifecycle, ProvisioningState, @@ -407,6 +419,8 @@ VulnerabilityAssessmentScanState, InstanceFailoverGroupReplicationRole, LongTermRetentionDatabaseState, + VulnerabilityAssessmentPolicyBaselineName, + SensitivityLabelSource, CapabilityGroup, ) @@ -449,7 +463,6 @@ 'TransparentDataEncryptionActivity', 'ServerUsage', 'DatabaseUsage', - 'DatabaseBlobAuditingPolicy', 'AutomaticTuningOptions', 'DatabaseAutomaticTuning', 'EncryptionProtector', @@ -482,6 +495,10 @@ 'SyncMember', 'SubscriptionUsage', 'VirtualNetworkRule', + 'ExtendedDatabaseBlobAuditingPolicy', + 'ExtendedServerBlobAuditingPolicy', + 'ServerBlobAuditingPolicy', + 'DatabaseBlobAuditingPolicy', 'DatabaseVulnerabilityAssessmentRuleBaselineItem', 'DatabaseVulnerabilityAssessmentRuleBaseline', 'VulnerabilityAssessmentRecurringScansProperties', @@ -505,10 +522,12 @@ 'CompleteDatabaseRestoreDefinition', 'ManagedDatabase', 'ManagedDatabaseUpdate', + 'SensitivityLabel', 'AutomaticTuningServerOptions', 'ServerAutomaticTuning', 'ServerDnsAlias', 'ServerDnsAliasAcquisition', + 'ServerSecurityAlertPolicy', 'RestorePoint', 'CreateDatabaseRestorePointDefinition', 'DatabaseOperation', @@ -591,12 +610,14 @@ 'JobVersionPaged', 'LongTermRetentionBackupPaged', 'ManagedDatabasePaged', + 'SensitivityLabelPaged', 'ServerDnsAliasPaged', 'RestorePointPaged', 'DatabaseOperationPaged', 'ElasticPoolOperationPaged', 'VulnerabilityAssessmentScanRecordPaged', 'InstanceFailoverGroupPaged', + 'BackupShortTermRetentionPolicyPaged', 'CheckNameAvailabilityReason', 'ServerConnectionType', 'SecurityAlertPolicyState', @@ -621,7 +642,6 @@ 'RecommendedIndexType', 'TransparentDataEncryptionStatus', 'TransparentDataEncryptionActivityStatus', - 'BlobAuditingPolicyState', 'AutomaticTuningMode', 'AutomaticTuningOptionModeDesired', 'AutomaticTuningOptionModeActual', @@ -640,6 +660,7 @@ 'SyncDirection', 'SyncMemberState', 'VirtualNetworkRuleState', + 'BlobAuditingPolicyState', 'JobAgentState', 'JobExecutionLifecycle', 'ProvisioningState', @@ -671,5 +692,7 @@ 'VulnerabilityAssessmentScanState', 'InstanceFailoverGroupReplicationRole', 'LongTermRetentionDatabaseState', + 'VulnerabilityAssessmentPolicyBaselineName', + 'SensitivityLabelSource', 'CapabilityGroup', ] diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/backup_short_term_retention_policy_paged.py b/azure-mgmt-sql/azure/mgmt/sql/models/backup_short_term_retention_policy_paged.py new file mode 100644 index 000000000000..16d31e341795 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/backup_short_term_retention_policy_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class BackupShortTermRetentionPolicyPaged(Paged): + """ + A paging container for iterating over a list of :class:`BackupShortTermRetentionPolicy ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[BackupShortTermRetentionPolicy]'} + } + + def __init__(self, *args, **kwargs): + + super(BackupShortTermRetentionPolicyPaged, self).__init__(*args, **kwargs) diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy.py b/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy.py index 407713325e7d..963b7674ac16 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy.py +++ b/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy.py @@ -43,14 +43,72 @@ class DatabaseBlobAuditingPolicy(ProxyResource): :param retention_days: Specifies the number of days to keep in the audit logs. :type retention_days: int - :param audit_actions_and_groups: Specifies the Actions and Actions-Groups + :param audit_actions_and_groups: Specifies the Actions-Groups and Actions to audit. + The recommended set of action groups to use is the following combination - + this will audit all the queries and stored procedures executed against the + database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when + enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific + groups that cover your auditing needs. Using unnecessary groups could lead + to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures + executed against the database, and should not be used in combination with + other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action + Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note + that Actions cannot be specified for Server auditing policy). The + supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + ON BY + Note that in the above format can refer to an object like a + table, view, or stored procedure, or an entire database or schema. For the + latter cases, the forms DATABASE:: and SCHEMA:: are + used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit + Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions) :type audit_actions_and_groups: list[str] :param storage_account_subscription_id: Specifies the blob storage subscription Id. :type storage_account_subscription_id: str :param is_storage_secondary_key_in_use: Specifies whether - storageAccountAccessKey value is the storage’s secondary key. + storageAccountAccessKey value is the storage's secondary key. :type is_storage_secondary_key_in_use: bool """ diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy_py3.py b/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy_py3.py index bfc95370f0fc..1c58ec560a03 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy_py3.py +++ b/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy_py3.py @@ -43,14 +43,72 @@ class DatabaseBlobAuditingPolicy(ProxyResource): :param retention_days: Specifies the number of days to keep in the audit logs. :type retention_days: int - :param audit_actions_and_groups: Specifies the Actions and Actions-Groups + :param audit_actions_and_groups: Specifies the Actions-Groups and Actions to audit. + The recommended set of action groups to use is the following combination - + this will audit all the queries and stored procedures executed against the + database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when + enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific + groups that cover your auditing needs. Using unnecessary groups could lead + to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures + executed against the database, and should not be used in combination with + other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action + Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note + that Actions cannot be specified for Server auditing policy). The + supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + ON BY + Note that in the above format can refer to an object like a + table, view, or stored procedure, or an entire database or schema. For the + latter cases, the forms DATABASE:: and SCHEMA:: are + used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit + Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions) :type audit_actions_and_groups: list[str] :param storage_account_subscription_id: Specifies the blob storage subscription Id. :type storage_account_subscription_id: str :param is_storage_secondary_key_in_use: Specifies whether - storageAccountAccessKey value is the storage’s secondary key. + storageAccountAccessKey value is the storage's secondary key. :type is_storage_secondary_key_in_use: bool """ diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/extended_database_blob_auditing_policy.py b/azure-mgmt-sql/azure/mgmt/sql/models/extended_database_blob_auditing_policy.py new file mode 100644 index 000000000000..cdfb75e47f2a --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/extended_database_blob_auditing_policy.py @@ -0,0 +1,146 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource import ProxyResource + + +class ExtendedDatabaseBlobAuditingPolicy(ProxyResource): + """An extended database blob auditing policy. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param predicate_expression: Specifies condition of where clause when + creating an audit. + :type predicate_expression: str + :param state: Required. Specifies the state of the policy. If state is + Enabled, storageEndpoint and storageAccountAccessKey are required. + Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.sql.models.BlobAuditingPolicyState + :param storage_endpoint: Specifies the blob storage endpoint (e.g. + https://MyAccount.blob.core.windows.net). If state is Enabled, + storageEndpoint is required. + :type storage_endpoint: str + :param storage_account_access_key: Specifies the identifier key of the + auditing storage account. If state is Enabled, storageAccountAccessKey is + required. + :type storage_account_access_key: str + :param retention_days: Specifies the number of days to keep in the audit + logs. + :type retention_days: int + :param audit_actions_and_groups: Specifies the Actions-Groups and Actions + to audit. + The recommended set of action groups to use is the following combination - + this will audit all the queries and stored procedures executed against the + database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when + enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific + groups that cover your auditing needs. Using unnecessary groups could lead + to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures + executed against the database, and should not be used in combination with + other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action + Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note + that Actions cannot be specified for Server auditing policy). The + supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + ON BY + Note that in the above format can refer to an object like a + table, view, or stored procedure, or an entire database or schema. For the + latter cases, the forms DATABASE:: and SCHEMA:: are + used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit + Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions) + :type audit_actions_and_groups: list[str] + :param storage_account_subscription_id: Specifies the blob storage + subscription Id. + :type storage_account_subscription_id: str + :param is_storage_secondary_key_in_use: Specifies whether + storageAccountAccessKey value is the storage's secondary key. + :type is_storage_secondary_key_in_use: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'state': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'predicate_expression': {'key': 'properties.predicateExpression', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'BlobAuditingPolicyState'}, + 'storage_endpoint': {'key': 'properties.storageEndpoint', 'type': 'str'}, + 'storage_account_access_key': {'key': 'properties.storageAccountAccessKey', 'type': 'str'}, + 'retention_days': {'key': 'properties.retentionDays', 'type': 'int'}, + 'audit_actions_and_groups': {'key': 'properties.auditActionsAndGroups', 'type': '[str]'}, + 'storage_account_subscription_id': {'key': 'properties.storageAccountSubscriptionId', 'type': 'str'}, + 'is_storage_secondary_key_in_use': {'key': 'properties.isStorageSecondaryKeyInUse', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(ExtendedDatabaseBlobAuditingPolicy, self).__init__(**kwargs) + self.predicate_expression = kwargs.get('predicate_expression', None) + self.state = kwargs.get('state', None) + self.storage_endpoint = kwargs.get('storage_endpoint', None) + self.storage_account_access_key = kwargs.get('storage_account_access_key', None) + self.retention_days = kwargs.get('retention_days', None) + self.audit_actions_and_groups = kwargs.get('audit_actions_and_groups', None) + self.storage_account_subscription_id = kwargs.get('storage_account_subscription_id', None) + self.is_storage_secondary_key_in_use = kwargs.get('is_storage_secondary_key_in_use', None) diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/extended_database_blob_auditing_policy_py3.py b/azure-mgmt-sql/azure/mgmt/sql/models/extended_database_blob_auditing_policy_py3.py new file mode 100644 index 000000000000..ee5ce27523e1 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/extended_database_blob_auditing_policy_py3.py @@ -0,0 +1,146 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource_py3 import ProxyResource + + +class ExtendedDatabaseBlobAuditingPolicy(ProxyResource): + """An extended database blob auditing policy. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param predicate_expression: Specifies condition of where clause when + creating an audit. + :type predicate_expression: str + :param state: Required. Specifies the state of the policy. If state is + Enabled, storageEndpoint and storageAccountAccessKey are required. + Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.sql.models.BlobAuditingPolicyState + :param storage_endpoint: Specifies the blob storage endpoint (e.g. + https://MyAccount.blob.core.windows.net). If state is Enabled, + storageEndpoint is required. + :type storage_endpoint: str + :param storage_account_access_key: Specifies the identifier key of the + auditing storage account. If state is Enabled, storageAccountAccessKey is + required. + :type storage_account_access_key: str + :param retention_days: Specifies the number of days to keep in the audit + logs. + :type retention_days: int + :param audit_actions_and_groups: Specifies the Actions-Groups and Actions + to audit. + The recommended set of action groups to use is the following combination - + this will audit all the queries and stored procedures executed against the + database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when + enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific + groups that cover your auditing needs. Using unnecessary groups could lead + to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures + executed against the database, and should not be used in combination with + other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action + Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note + that Actions cannot be specified for Server auditing policy). The + supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + ON BY + Note that in the above format can refer to an object like a + table, view, or stored procedure, or an entire database or schema. For the + latter cases, the forms DATABASE:: and SCHEMA:: are + used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit + Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions) + :type audit_actions_and_groups: list[str] + :param storage_account_subscription_id: Specifies the blob storage + subscription Id. + :type storage_account_subscription_id: str + :param is_storage_secondary_key_in_use: Specifies whether + storageAccountAccessKey value is the storage's secondary key. + :type is_storage_secondary_key_in_use: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'state': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'predicate_expression': {'key': 'properties.predicateExpression', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'BlobAuditingPolicyState'}, + 'storage_endpoint': {'key': 'properties.storageEndpoint', 'type': 'str'}, + 'storage_account_access_key': {'key': 'properties.storageAccountAccessKey', 'type': 'str'}, + 'retention_days': {'key': 'properties.retentionDays', 'type': 'int'}, + 'audit_actions_and_groups': {'key': 'properties.auditActionsAndGroups', 'type': '[str]'}, + 'storage_account_subscription_id': {'key': 'properties.storageAccountSubscriptionId', 'type': 'str'}, + 'is_storage_secondary_key_in_use': {'key': 'properties.isStorageSecondaryKeyInUse', 'type': 'bool'}, + } + + def __init__(self, *, state, predicate_expression: str=None, storage_endpoint: str=None, storage_account_access_key: str=None, retention_days: int=None, audit_actions_and_groups=None, storage_account_subscription_id: str=None, is_storage_secondary_key_in_use: bool=None, **kwargs) -> None: + super(ExtendedDatabaseBlobAuditingPolicy, self).__init__(**kwargs) + self.predicate_expression = predicate_expression + self.state = state + self.storage_endpoint = storage_endpoint + self.storage_account_access_key = storage_account_access_key + self.retention_days = retention_days + self.audit_actions_and_groups = audit_actions_and_groups + self.storage_account_subscription_id = storage_account_subscription_id + self.is_storage_secondary_key_in_use = is_storage_secondary_key_in_use diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/extended_server_blob_auditing_policy.py b/azure-mgmt-sql/azure/mgmt/sql/models/extended_server_blob_auditing_policy.py new file mode 100644 index 000000000000..a11e18ac68b1 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/extended_server_blob_auditing_policy.py @@ -0,0 +1,146 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource import ProxyResource + + +class ExtendedServerBlobAuditingPolicy(ProxyResource): + """An extended server blob auditing policy. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param predicate_expression: Specifies condition of where clause when + creating an audit. + :type predicate_expression: str + :param state: Required. Specifies the state of the policy. If state is + Enabled, storageEndpoint and storageAccountAccessKey are required. + Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.sql.models.BlobAuditingPolicyState + :param storage_endpoint: Specifies the blob storage endpoint (e.g. + https://MyAccount.blob.core.windows.net). If state is Enabled, + storageEndpoint is required. + :type storage_endpoint: str + :param storage_account_access_key: Specifies the identifier key of the + auditing storage account. If state is Enabled, storageAccountAccessKey is + required. + :type storage_account_access_key: str + :param retention_days: Specifies the number of days to keep in the audit + logs. + :type retention_days: int + :param audit_actions_and_groups: Specifies the Actions-Groups and Actions + to audit. + The recommended set of action groups to use is the following combination - + this will audit all the queries and stored procedures executed against the + database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when + enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific + groups that cover your auditing needs. Using unnecessary groups could lead + to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures + executed against the database, and should not be used in combination with + other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action + Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note + that Actions cannot be specified for Server auditing policy). The + supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + ON BY + Note that in the above format can refer to an object like a + table, view, or stored procedure, or an entire database or schema. For the + latter cases, the forms DATABASE:: and SCHEMA:: are + used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit + Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions) + :type audit_actions_and_groups: list[str] + :param storage_account_subscription_id: Specifies the blob storage + subscription Id. + :type storage_account_subscription_id: str + :param is_storage_secondary_key_in_use: Specifies whether + storageAccountAccessKey value is the storage's secondary key. + :type is_storage_secondary_key_in_use: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'state': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'predicate_expression': {'key': 'properties.predicateExpression', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'BlobAuditingPolicyState'}, + 'storage_endpoint': {'key': 'properties.storageEndpoint', 'type': 'str'}, + 'storage_account_access_key': {'key': 'properties.storageAccountAccessKey', 'type': 'str'}, + 'retention_days': {'key': 'properties.retentionDays', 'type': 'int'}, + 'audit_actions_and_groups': {'key': 'properties.auditActionsAndGroups', 'type': '[str]'}, + 'storage_account_subscription_id': {'key': 'properties.storageAccountSubscriptionId', 'type': 'str'}, + 'is_storage_secondary_key_in_use': {'key': 'properties.isStorageSecondaryKeyInUse', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(ExtendedServerBlobAuditingPolicy, self).__init__(**kwargs) + self.predicate_expression = kwargs.get('predicate_expression', None) + self.state = kwargs.get('state', None) + self.storage_endpoint = kwargs.get('storage_endpoint', None) + self.storage_account_access_key = kwargs.get('storage_account_access_key', None) + self.retention_days = kwargs.get('retention_days', None) + self.audit_actions_and_groups = kwargs.get('audit_actions_and_groups', None) + self.storage_account_subscription_id = kwargs.get('storage_account_subscription_id', None) + self.is_storage_secondary_key_in_use = kwargs.get('is_storage_secondary_key_in_use', None) diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/extended_server_blob_auditing_policy_py3.py b/azure-mgmt-sql/azure/mgmt/sql/models/extended_server_blob_auditing_policy_py3.py new file mode 100644 index 000000000000..ac522801a8dd --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/extended_server_blob_auditing_policy_py3.py @@ -0,0 +1,146 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource_py3 import ProxyResource + + +class ExtendedServerBlobAuditingPolicy(ProxyResource): + """An extended server blob auditing policy. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param predicate_expression: Specifies condition of where clause when + creating an audit. + :type predicate_expression: str + :param state: Required. Specifies the state of the policy. If state is + Enabled, storageEndpoint and storageAccountAccessKey are required. + Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.sql.models.BlobAuditingPolicyState + :param storage_endpoint: Specifies the blob storage endpoint (e.g. + https://MyAccount.blob.core.windows.net). If state is Enabled, + storageEndpoint is required. + :type storage_endpoint: str + :param storage_account_access_key: Specifies the identifier key of the + auditing storage account. If state is Enabled, storageAccountAccessKey is + required. + :type storage_account_access_key: str + :param retention_days: Specifies the number of days to keep in the audit + logs. + :type retention_days: int + :param audit_actions_and_groups: Specifies the Actions-Groups and Actions + to audit. + The recommended set of action groups to use is the following combination - + this will audit all the queries and stored procedures executed against the + database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when + enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific + groups that cover your auditing needs. Using unnecessary groups could lead + to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures + executed against the database, and should not be used in combination with + other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action + Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note + that Actions cannot be specified for Server auditing policy). The + supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + ON BY + Note that in the above format can refer to an object like a + table, view, or stored procedure, or an entire database or schema. For the + latter cases, the forms DATABASE:: and SCHEMA:: are + used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit + Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions) + :type audit_actions_and_groups: list[str] + :param storage_account_subscription_id: Specifies the blob storage + subscription Id. + :type storage_account_subscription_id: str + :param is_storage_secondary_key_in_use: Specifies whether + storageAccountAccessKey value is the storage's secondary key. + :type is_storage_secondary_key_in_use: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'state': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'predicate_expression': {'key': 'properties.predicateExpression', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'BlobAuditingPolicyState'}, + 'storage_endpoint': {'key': 'properties.storageEndpoint', 'type': 'str'}, + 'storage_account_access_key': {'key': 'properties.storageAccountAccessKey', 'type': 'str'}, + 'retention_days': {'key': 'properties.retentionDays', 'type': 'int'}, + 'audit_actions_and_groups': {'key': 'properties.auditActionsAndGroups', 'type': '[str]'}, + 'storage_account_subscription_id': {'key': 'properties.storageAccountSubscriptionId', 'type': 'str'}, + 'is_storage_secondary_key_in_use': {'key': 'properties.isStorageSecondaryKeyInUse', 'type': 'bool'}, + } + + def __init__(self, *, state, predicate_expression: str=None, storage_endpoint: str=None, storage_account_access_key: str=None, retention_days: int=None, audit_actions_and_groups=None, storage_account_subscription_id: str=None, is_storage_secondary_key_in_use: bool=None, **kwargs) -> None: + super(ExtendedServerBlobAuditingPolicy, self).__init__(**kwargs) + self.predicate_expression = predicate_expression + self.state = state + self.storage_endpoint = storage_endpoint + self.storage_account_access_key = storage_account_access_key + self.retention_days = retention_days + self.audit_actions_and_groups = audit_actions_and_groups + self.storage_account_subscription_id = storage_account_subscription_id + self.is_storage_secondary_key_in_use = is_storage_secondary_key_in_use diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/sensitivity_label.py b/azure-mgmt-sql/azure/mgmt/sql/models/sensitivity_label.py new file mode 100644 index 000000000000..27d34d57c142 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/sensitivity_label.py @@ -0,0 +1,50 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource import ProxyResource + + +class SensitivityLabel(ProxyResource): + """A sensitivity label. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param label_name: The label name. + :type label_name: str + :param information_type: The information type. + :type information_type: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'label_name': {'key': 'properties.labelName', 'type': 'str'}, + 'information_type': {'key': 'properties.informationType', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(SensitivityLabel, self).__init__(**kwargs) + self.label_name = kwargs.get('label_name', None) + self.information_type = kwargs.get('information_type', None) diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/sensitivity_label_paged.py b/azure-mgmt-sql/azure/mgmt/sql/models/sensitivity_label_paged.py new file mode 100644 index 000000000000..438bfd86f9be --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/sensitivity_label_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class SensitivityLabelPaged(Paged): + """ + A paging container for iterating over a list of :class:`SensitivityLabel ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[SensitivityLabel]'} + } + + def __init__(self, *args, **kwargs): + + super(SensitivityLabelPaged, self).__init__(*args, **kwargs) diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/sensitivity_label_py3.py b/azure-mgmt-sql/azure/mgmt/sql/models/sensitivity_label_py3.py new file mode 100644 index 000000000000..adbb7a203e1a --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/sensitivity_label_py3.py @@ -0,0 +1,50 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource_py3 import ProxyResource + + +class SensitivityLabel(ProxyResource): + """A sensitivity label. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param label_name: The label name. + :type label_name: str + :param information_type: The information type. + :type information_type: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'label_name': {'key': 'properties.labelName', 'type': 'str'}, + 'information_type': {'key': 'properties.informationType', 'type': 'str'}, + } + + def __init__(self, *, label_name: str=None, information_type: str=None, **kwargs) -> None: + super(SensitivityLabel, self).__init__(**kwargs) + self.label_name = label_name + self.information_type = information_type diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/server_blob_auditing_policy.py b/azure-mgmt-sql/azure/mgmt/sql/models/server_blob_auditing_policy.py new file mode 100644 index 000000000000..0232582a4237 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/server_blob_auditing_policy.py @@ -0,0 +1,141 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource import ProxyResource + + +class ServerBlobAuditingPolicy(ProxyResource): + """A server blob auditing policy. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param state: Required. Specifies the state of the policy. If state is + Enabled, storageEndpoint and storageAccountAccessKey are required. + Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.sql.models.BlobAuditingPolicyState + :param storage_endpoint: Specifies the blob storage endpoint (e.g. + https://MyAccount.blob.core.windows.net). If state is Enabled, + storageEndpoint is required. + :type storage_endpoint: str + :param storage_account_access_key: Specifies the identifier key of the + auditing storage account. If state is Enabled, storageAccountAccessKey is + required. + :type storage_account_access_key: str + :param retention_days: Specifies the number of days to keep in the audit + logs. + :type retention_days: int + :param audit_actions_and_groups: Specifies the Actions-Groups and Actions + to audit. + The recommended set of action groups to use is the following combination - + this will audit all the queries and stored procedures executed against the + database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when + enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific + groups that cover your auditing needs. Using unnecessary groups could lead + to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures + executed against the database, and should not be used in combination with + other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action + Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note + that Actions cannot be specified for Server auditing policy). The + supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + ON BY + Note that in the above format can refer to an object like a + table, view, or stored procedure, or an entire database or schema. For the + latter cases, the forms DATABASE:: and SCHEMA:: are + used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit + Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions) + :type audit_actions_and_groups: list[str] + :param storage_account_subscription_id: Specifies the blob storage + subscription Id. + :type storage_account_subscription_id: str + :param is_storage_secondary_key_in_use: Specifies whether + storageAccountAccessKey value is the storage's secondary key. + :type is_storage_secondary_key_in_use: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'state': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'BlobAuditingPolicyState'}, + 'storage_endpoint': {'key': 'properties.storageEndpoint', 'type': 'str'}, + 'storage_account_access_key': {'key': 'properties.storageAccountAccessKey', 'type': 'str'}, + 'retention_days': {'key': 'properties.retentionDays', 'type': 'int'}, + 'audit_actions_and_groups': {'key': 'properties.auditActionsAndGroups', 'type': '[str]'}, + 'storage_account_subscription_id': {'key': 'properties.storageAccountSubscriptionId', 'type': 'str'}, + 'is_storage_secondary_key_in_use': {'key': 'properties.isStorageSecondaryKeyInUse', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(ServerBlobAuditingPolicy, self).__init__(**kwargs) + self.state = kwargs.get('state', None) + self.storage_endpoint = kwargs.get('storage_endpoint', None) + self.storage_account_access_key = kwargs.get('storage_account_access_key', None) + self.retention_days = kwargs.get('retention_days', None) + self.audit_actions_and_groups = kwargs.get('audit_actions_and_groups', None) + self.storage_account_subscription_id = kwargs.get('storage_account_subscription_id', None) + self.is_storage_secondary_key_in_use = kwargs.get('is_storage_secondary_key_in_use', None) diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/server_blob_auditing_policy_py3.py b/azure-mgmt-sql/azure/mgmt/sql/models/server_blob_auditing_policy_py3.py new file mode 100644 index 000000000000..51dcc8c41d4c --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/server_blob_auditing_policy_py3.py @@ -0,0 +1,141 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource_py3 import ProxyResource + + +class ServerBlobAuditingPolicy(ProxyResource): + """A server blob auditing policy. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param state: Required. Specifies the state of the policy. If state is + Enabled, storageEndpoint and storageAccountAccessKey are required. + Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.sql.models.BlobAuditingPolicyState + :param storage_endpoint: Specifies the blob storage endpoint (e.g. + https://MyAccount.blob.core.windows.net). If state is Enabled, + storageEndpoint is required. + :type storage_endpoint: str + :param storage_account_access_key: Specifies the identifier key of the + auditing storage account. If state is Enabled, storageAccountAccessKey is + required. + :type storage_account_access_key: str + :param retention_days: Specifies the number of days to keep in the audit + logs. + :type retention_days: int + :param audit_actions_and_groups: Specifies the Actions-Groups and Actions + to audit. + The recommended set of action groups to use is the following combination - + this will audit all the queries and stored procedures executed against the + database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when + enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific + groups that cover your auditing needs. Using unnecessary groups could lead + to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures + executed against the database, and should not be used in combination with + other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action + Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note + that Actions cannot be specified for Server auditing policy). The + supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + ON BY + Note that in the above format can refer to an object like a + table, view, or stored procedure, or an entire database or schema. For the + latter cases, the forms DATABASE:: and SCHEMA:: are + used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit + Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions) + :type audit_actions_and_groups: list[str] + :param storage_account_subscription_id: Specifies the blob storage + subscription Id. + :type storage_account_subscription_id: str + :param is_storage_secondary_key_in_use: Specifies whether + storageAccountAccessKey value is the storage's secondary key. + :type is_storage_secondary_key_in_use: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'state': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'BlobAuditingPolicyState'}, + 'storage_endpoint': {'key': 'properties.storageEndpoint', 'type': 'str'}, + 'storage_account_access_key': {'key': 'properties.storageAccountAccessKey', 'type': 'str'}, + 'retention_days': {'key': 'properties.retentionDays', 'type': 'int'}, + 'audit_actions_and_groups': {'key': 'properties.auditActionsAndGroups', 'type': '[str]'}, + 'storage_account_subscription_id': {'key': 'properties.storageAccountSubscriptionId', 'type': 'str'}, + 'is_storage_secondary_key_in_use': {'key': 'properties.isStorageSecondaryKeyInUse', 'type': 'bool'}, + } + + def __init__(self, *, state, storage_endpoint: str=None, storage_account_access_key: str=None, retention_days: int=None, audit_actions_and_groups=None, storage_account_subscription_id: str=None, is_storage_secondary_key_in_use: bool=None, **kwargs) -> None: + super(ServerBlobAuditingPolicy, self).__init__(**kwargs) + self.state = state + self.storage_endpoint = storage_endpoint + self.storage_account_access_key = storage_account_access_key + self.retention_days = retention_days + self.audit_actions_and_groups = audit_actions_and_groups + self.storage_account_subscription_id = storage_account_subscription_id + self.is_storage_secondary_key_in_use = is_storage_secondary_key_in_use diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy.py b/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy.py new file mode 100644 index 000000000000..4e5d69dbcd27 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy.py @@ -0,0 +1,82 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource import ProxyResource + + +class ServerSecurityAlertPolicy(ProxyResource): + """A server security alert policy. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param state: Required. Specifies the state of the policy, whether it is + enabled or disabled. Possible values include: 'New', 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.sql.models.SecurityAlertPolicyState + :param disabled_alerts: Specifies an array of alerts that are disabled. + Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, + Access_Anomaly + :type disabled_alerts: list[str] + :param email_addresses: Specifies an array of e-mail addresses to which + the alert is sent. + :type email_addresses: list[str] + :param email_account_admins: Specifies that the alert is sent to the + account administrators. + :type email_account_admins: bool + :param storage_endpoint: Specifies the blob storage endpoint (e.g. + https://MyAccount.blob.core.windows.net). This blob storage will hold all + Threat Detection audit logs. + :type storage_endpoint: str + :param storage_account_access_key: Specifies the identifier key of the + Threat Detection audit storage account. + :type storage_account_access_key: str + :param retention_days: Specifies the number of days to keep in the Threat + Detection audit logs. + :type retention_days: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'state': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'SecurityAlertPolicyState'}, + 'disabled_alerts': {'key': 'properties.disabledAlerts', 'type': '[str]'}, + 'email_addresses': {'key': 'properties.emailAddresses', 'type': '[str]'}, + 'email_account_admins': {'key': 'properties.emailAccountAdmins', 'type': 'bool'}, + 'storage_endpoint': {'key': 'properties.storageEndpoint', 'type': 'str'}, + 'storage_account_access_key': {'key': 'properties.storageAccountAccessKey', 'type': 'str'}, + 'retention_days': {'key': 'properties.retentionDays', 'type': 'int'}, + } + + def __init__(self, **kwargs): + super(ServerSecurityAlertPolicy, self).__init__(**kwargs) + self.state = kwargs.get('state', None) + self.disabled_alerts = kwargs.get('disabled_alerts', None) + self.email_addresses = kwargs.get('email_addresses', None) + self.email_account_admins = kwargs.get('email_account_admins', None) + self.storage_endpoint = kwargs.get('storage_endpoint', None) + self.storage_account_access_key = kwargs.get('storage_account_access_key', None) + self.retention_days = kwargs.get('retention_days', None) diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy_py3.py b/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy_py3.py new file mode 100644 index 000000000000..2a65b5d19078 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy_py3.py @@ -0,0 +1,82 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource_py3 import ProxyResource + + +class ServerSecurityAlertPolicy(ProxyResource): + """A server security alert policy. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param state: Required. Specifies the state of the policy, whether it is + enabled or disabled. Possible values include: 'New', 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.sql.models.SecurityAlertPolicyState + :param disabled_alerts: Specifies an array of alerts that are disabled. + Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, + Access_Anomaly + :type disabled_alerts: list[str] + :param email_addresses: Specifies an array of e-mail addresses to which + the alert is sent. + :type email_addresses: list[str] + :param email_account_admins: Specifies that the alert is sent to the + account administrators. + :type email_account_admins: bool + :param storage_endpoint: Specifies the blob storage endpoint (e.g. + https://MyAccount.blob.core.windows.net). This blob storage will hold all + Threat Detection audit logs. + :type storage_endpoint: str + :param storage_account_access_key: Specifies the identifier key of the + Threat Detection audit storage account. + :type storage_account_access_key: str + :param retention_days: Specifies the number of days to keep in the Threat + Detection audit logs. + :type retention_days: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'state': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'SecurityAlertPolicyState'}, + 'disabled_alerts': {'key': 'properties.disabledAlerts', 'type': '[str]'}, + 'email_addresses': {'key': 'properties.emailAddresses', 'type': '[str]'}, + 'email_account_admins': {'key': 'properties.emailAccountAdmins', 'type': 'bool'}, + 'storage_endpoint': {'key': 'properties.storageEndpoint', 'type': 'str'}, + 'storage_account_access_key': {'key': 'properties.storageAccountAccessKey', 'type': 'str'}, + 'retention_days': {'key': 'properties.retentionDays', 'type': 'int'}, + } + + def __init__(self, *, state, disabled_alerts=None, email_addresses=None, email_account_admins: bool=None, storage_endpoint: str=None, storage_account_access_key: str=None, retention_days: int=None, **kwargs) -> None: + super(ServerSecurityAlertPolicy, self).__init__(**kwargs) + self.state = state + self.disabled_alerts = disabled_alerts + self.email_addresses = email_addresses + self.email_account_admins = email_account_admins + self.storage_endpoint = storage_endpoint + self.storage_account_access_key = storage_account_access_key + self.retention_days = retention_days diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/sql_management_client_enums.py b/azure-mgmt-sql/azure/mgmt/sql/models/sql_management_client_enums.py index e4a76e0f84e5..325c2d06c5da 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/models/sql_management_client_enums.py +++ b/azure-mgmt-sql/azure/mgmt/sql/models/sql_management_client_enums.py @@ -264,12 +264,6 @@ class TransparentDataEncryptionActivityStatus(str, Enum): decrypting = "Decrypting" -class BlobAuditingPolicyState(str, Enum): - - enabled = "Enabled" - disabled = "Disabled" - - class AutomaticTuningMode(str, Enum): inherit = "Inherit" @@ -411,6 +405,12 @@ class VirtualNetworkRuleState(str, Enum): unknown = "Unknown" +class BlobAuditingPolicyState(str, Enum): + + enabled = "Enabled" + disabled = "Disabled" + + class JobAgentState(str, Enum): creating = "Creating" @@ -657,6 +657,18 @@ class LongTermRetentionDatabaseState(str, Enum): deleted = "Deleted" +class VulnerabilityAssessmentPolicyBaselineName(str, Enum): + + master = "master" + default = "default" + + +class SensitivityLabelSource(str, Enum): + + current = "current" + recommended = "recommended" + + class CapabilityGroup(str, Enum): supported_editions = "supportedEditions" diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/__init__.py b/azure-mgmt-sql/azure/mgmt/sql/operations/__init__.py index ca19b385ece2..538af4811eb3 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/operations/__init__.py +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/__init__.py @@ -32,7 +32,6 @@ from .transparent_data_encryption_activities_operations import TransparentDataEncryptionActivitiesOperations from .server_usages_operations import ServerUsagesOperations from .database_usages_operations import DatabaseUsagesOperations -from .database_blob_auditing_policies_operations import DatabaseBlobAuditingPoliciesOperations from .database_automatic_tuning_operations import DatabaseAutomaticTuningOperations from .encryption_protectors_operations import EncryptionProtectorsOperations from .failover_groups_operations import FailoverGroupsOperations @@ -44,6 +43,10 @@ from .sync_members_operations import SyncMembersOperations from .subscription_usages_operations import SubscriptionUsagesOperations from .virtual_network_rules_operations import VirtualNetworkRulesOperations +from .extended_database_blob_auditing_policies_operations import ExtendedDatabaseBlobAuditingPoliciesOperations +from .extended_server_blob_auditing_policies_operations import ExtendedServerBlobAuditingPoliciesOperations +from .server_blob_auditing_policies_operations import ServerBlobAuditingPoliciesOperations +from .database_blob_auditing_policies_operations import DatabaseBlobAuditingPoliciesOperations from .database_vulnerability_assessment_rule_baselines_operations import DatabaseVulnerabilityAssessmentRuleBaselinesOperations from .database_vulnerability_assessments_operations import DatabaseVulnerabilityAssessmentsOperations from .job_agents_operations import JobAgentsOperations @@ -58,8 +61,10 @@ from .long_term_retention_backups_operations import LongTermRetentionBackupsOperations from .backup_long_term_retention_policies_operations import BackupLongTermRetentionPoliciesOperations from .managed_databases_operations import ManagedDatabasesOperations +from .sensitivity_labels_operations import SensitivityLabelsOperations from .server_automatic_tuning_operations import ServerAutomaticTuningOperations from .server_dns_aliases_operations import ServerDnsAliasesOperations +from .server_security_alert_policies_operations import ServerSecurityAlertPoliciesOperations from .restore_points_operations import RestorePointsOperations from .database_operations import DatabaseOperations from .elastic_pool_operations import ElasticPoolOperations @@ -94,7 +99,6 @@ 'TransparentDataEncryptionActivitiesOperations', 'ServerUsagesOperations', 'DatabaseUsagesOperations', - 'DatabaseBlobAuditingPoliciesOperations', 'DatabaseAutomaticTuningOperations', 'EncryptionProtectorsOperations', 'FailoverGroupsOperations', @@ -106,6 +110,10 @@ 'SyncMembersOperations', 'SubscriptionUsagesOperations', 'VirtualNetworkRulesOperations', + 'ExtendedDatabaseBlobAuditingPoliciesOperations', + 'ExtendedServerBlobAuditingPoliciesOperations', + 'ServerBlobAuditingPoliciesOperations', + 'DatabaseBlobAuditingPoliciesOperations', 'DatabaseVulnerabilityAssessmentRuleBaselinesOperations', 'DatabaseVulnerabilityAssessmentsOperations', 'JobAgentsOperations', @@ -120,8 +128,10 @@ 'LongTermRetentionBackupsOperations', 'BackupLongTermRetentionPoliciesOperations', 'ManagedDatabasesOperations', + 'SensitivityLabelsOperations', 'ServerAutomaticTuningOperations', 'ServerDnsAliasesOperations', + 'ServerSecurityAlertPoliciesOperations', 'RestorePointsOperations', 'DatabaseOperations', 'ElasticPoolOperations', diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/backup_short_term_retention_policies_operations.py b/azure-mgmt-sql/azure/mgmt/sql/operations/backup_short_term_retention_policies_operations.py index e50f15c2a997..ce01d24f68c7 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/operations/backup_short_term_retention_policies_operations.py +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/backup_short_term_retention_policies_operations.py @@ -331,3 +331,79 @@ def get_long_running_output(response): else: polling_method = polling return LROPoller(self._client, raw_result, get_long_running_output, polling_method) update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/backupShortTermRetentionPolicies/{policyName}'} + + def list_by_database( + self, resource_group_name, server_name, database_name, custom_headers=None, raw=False, **operation_config): + """Gets a database's short term retention policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param database_name: The name of the database. + :type database_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of BackupShortTermRetentionPolicy + :rtype: + ~azure.mgmt.sql.models.BackupShortTermRetentionPolicyPaged[~azure.mgmt.sql.models.BackupShortTermRetentionPolicy] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list_by_database.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'databaseName': self._serialize.url("database_name", database_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters) + response = self._client.send( + request, header_parameters, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.BackupShortTermRetentionPolicyPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.BackupShortTermRetentionPolicyPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list_by_database.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/backupShortTermRetentionPolicies'} diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/database_blob_auditing_policies_operations.py b/azure-mgmt-sql/azure/mgmt/sql/operations/database_blob_auditing_policies_operations.py index fa915bf7c00d..425ace0b8cc3 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/operations/database_blob_auditing_policies_operations.py +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/database_blob_auditing_policies_operations.py @@ -24,7 +24,7 @@ class DatabaseBlobAuditingPoliciesOperations(object): :param serializer: An object model serializer. :param deserializer: An object model deserializer. :ivar blob_auditing_policy_name: The name of the blob auditing policy. Constant value: "default". - :ivar api_version: The API version to use for the request. Constant value: "2015-05-01-preview". + :ivar api_version: The API version to use for the request. Constant value: "2017-03-01-preview". """ models = models @@ -35,7 +35,7 @@ def __init__(self, client, config, serializer, deserializer): self._serialize = serializer self._deserialize = deserializer self.blob_auditing_policy_name = "default" - self.api_version = "2015-05-01-preview" + self.api_version = "2017-03-01-preview" self.config = config @@ -49,8 +49,7 @@ def get( :type resource_group_name: str :param server_name: The name of the server. :type server_name: str - :param database_name: The name of the database for which the blob - audit policy is defined. + :param database_name: The name of the database. :type database_name: str :param dict custom_headers: headers that will be added to the request :param bool raw: returns the direct response alongside the @@ -118,8 +117,7 @@ def create_or_update( :type resource_group_name: str :param server_name: The name of the server. :type server_name: str - :param database_name: The name of the database for which the blob - auditing policy will be defined. + :param database_name: The name of the database. :type database_name: str :param parameters: The database blob auditing policy. :type parameters: ~azure.mgmt.sql.models.DatabaseBlobAuditingPolicy diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/database_vulnerability_assessment_rule_baselines_operations.py b/azure-mgmt-sql/azure/mgmt/sql/operations/database_vulnerability_assessment_rule_baselines_operations.py index 16a909e27a1a..558ad0135821 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/operations/database_vulnerability_assessment_rule_baselines_operations.py +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/database_vulnerability_assessment_rule_baselines_operations.py @@ -24,7 +24,6 @@ class DatabaseVulnerabilityAssessmentRuleBaselinesOperations(object): :param serializer: An object model serializer. :param deserializer: An object model deserializer. :ivar vulnerability_assessment_name: The name of the vulnerability assessment. Constant value: "default". - :ivar baseline_name: The name of the vulnerability assessment rule baseline. Constant value: "default". :ivar api_version: The API version to use for the request. Constant value: "2017-03-01-preview". """ @@ -36,13 +35,12 @@ def __init__(self, client, config, serializer, deserializer): self._serialize = serializer self._deserialize = deserializer self.vulnerability_assessment_name = "default" - self.baseline_name = "default" self.api_version = "2017-03-01-preview" self.config = config def get( - self, resource_group_name, server_name, database_name, rule_id, custom_headers=None, raw=False, **operation_config): + self, resource_group_name, server_name, database_name, rule_id, baseline_name, custom_headers=None, raw=False, **operation_config): """Gets a database's vulnerability assessment rule baseline. :param resource_group_name: The name of the resource group that @@ -56,6 +54,12 @@ def get( :type database_name: str :param rule_id: The vulnerability assessment rule ID. :type rule_id: str + :param baseline_name: The name of the vulnerability assessment rule + baseline (default implies a baseline on a database level rule and + master for server level rule). Possible values include: 'master', + 'default' + :type baseline_name: str or + ~azure.mgmt.sql.models.VulnerabilityAssessmentPolicyBaselineName :param dict custom_headers: headers that will be added to the request :param bool raw: returns the direct response alongside the deserialized response @@ -76,7 +80,7 @@ def get( 'databaseName': self._serialize.url("database_name", database_name, 'str'), 'vulnerabilityAssessmentName': self._serialize.url("self.vulnerability_assessment_name", self.vulnerability_assessment_name, 'str'), 'ruleId': self._serialize.url("rule_id", rule_id, 'str'), - 'baselineName': self._serialize.url("self.baseline_name", self.baseline_name, 'str'), + 'baselineName': self._serialize.url("baseline_name", baseline_name, 'VulnerabilityAssessmentPolicyBaselineName'), 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') } url = self._client.format_url(url, **path_format_arguments) @@ -117,7 +121,7 @@ def get( get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/vulnerabilityAssessments/{vulnerabilityAssessmentName}/rules/{ruleId}/baselines/{baselineName}'} def create_or_update( - self, resource_group_name, server_name, database_name, rule_id, baseline_results, custom_headers=None, raw=False, **operation_config): + self, resource_group_name, server_name, database_name, rule_id, baseline_name, baseline_results, custom_headers=None, raw=False, **operation_config): """Creates or updates a database's vulnerability assessment rule baseline. :param resource_group_name: The name of the resource group that @@ -131,6 +135,12 @@ def create_or_update( :type database_name: str :param rule_id: The vulnerability assessment rule ID. :type rule_id: str + :param baseline_name: The name of the vulnerability assessment rule + baseline (default implies a baseline on a database level rule and + master for server level rule). Possible values include: 'master', + 'default' + :type baseline_name: str or + ~azure.mgmt.sql.models.VulnerabilityAssessmentPolicyBaselineName :param baseline_results: The rule baseline result :type baseline_results: list[~azure.mgmt.sql.models.DatabaseVulnerabilityAssessmentRuleBaselineItem] @@ -156,7 +166,7 @@ def create_or_update( 'databaseName': self._serialize.url("database_name", database_name, 'str'), 'vulnerabilityAssessmentName': self._serialize.url("self.vulnerability_assessment_name", self.vulnerability_assessment_name, 'str'), 'ruleId': self._serialize.url("rule_id", rule_id, 'str'), - 'baselineName': self._serialize.url("self.baseline_name", self.baseline_name, 'str'), + 'baselineName': self._serialize.url("baseline_name", baseline_name, 'VulnerabilityAssessmentPolicyBaselineName'), 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') } url = self._client.format_url(url, **path_format_arguments) @@ -201,7 +211,7 @@ def create_or_update( create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/vulnerabilityAssessments/{vulnerabilityAssessmentName}/rules/{ruleId}/baselines/{baselineName}'} def delete( - self, resource_group_name, server_name, database_name, rule_id, custom_headers=None, raw=False, **operation_config): + self, resource_group_name, server_name, database_name, rule_id, baseline_name, custom_headers=None, raw=False, **operation_config): """Removes the database's vulnerability assessment rule baseline. :param resource_group_name: The name of the resource group that @@ -215,6 +225,12 @@ def delete( :type database_name: str :param rule_id: The vulnerability assessment rule ID. :type rule_id: str + :param baseline_name: The name of the vulnerability assessment rule + baseline (default implies a baseline on a database level rule and + master for server level rule). Possible values include: 'master', + 'default' + :type baseline_name: str or + ~azure.mgmt.sql.models.VulnerabilityAssessmentPolicyBaselineName :param dict custom_headers: headers that will be added to the request :param bool raw: returns the direct response alongside the deserialized response @@ -232,7 +248,7 @@ def delete( 'databaseName': self._serialize.url("database_name", database_name, 'str'), 'vulnerabilityAssessmentName': self._serialize.url("self.vulnerability_assessment_name", self.vulnerability_assessment_name, 'str'), 'ruleId': self._serialize.url("rule_id", rule_id, 'str'), - 'baselineName': self._serialize.url("self.baseline_name", self.baseline_name, 'str'), + 'baselineName': self._serialize.url("baseline_name", baseline_name, 'VulnerabilityAssessmentPolicyBaselineName'), 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') } url = self._client.format_url(url, **path_format_arguments) diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/extended_database_blob_auditing_policies_operations.py b/azure-mgmt-sql/azure/mgmt/sql/operations/extended_database_blob_auditing_policies_operations.py new file mode 100644 index 000000000000..73ff8454c8b5 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/extended_database_blob_auditing_policies_operations.py @@ -0,0 +1,187 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class ExtendedDatabaseBlobAuditingPoliciesOperations(object): + """ExtendedDatabaseBlobAuditingPoliciesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar blob_auditing_policy_name: The name of the blob auditing policy. Constant value: "default". + :ivar api_version: The API version to use for the request. Constant value: "2017-03-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.blob_auditing_policy_name = "default" + self.api_version = "2017-03-01-preview" + + self.config = config + + def get( + self, resource_group_name, server_name, database_name, custom_headers=None, raw=False, **operation_config): + """Gets an extended database's blob auditing policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param database_name: The name of the database. + :type database_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ExtendedDatabaseBlobAuditingPolicy or ClientRawResponse if + raw=true + :rtype: ~azure.mgmt.sql.models.ExtendedDatabaseBlobAuditingPolicy or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'databaseName': self._serialize.url("database_name", database_name, 'str'), + 'blobAuditingPolicyName': self._serialize.url("self.blob_auditing_policy_name", self.blob_auditing_policy_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters) + response = self._client.send(request, header_parameters, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ExtendedDatabaseBlobAuditingPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/extendedAuditingSettings/{blobAuditingPolicyName}'} + + def create_or_update( + self, resource_group_name, server_name, database_name, parameters, custom_headers=None, raw=False, **operation_config): + """Creates or updates an extended database's blob auditing policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param database_name: The name of the database. + :type database_name: str + :param parameters: The extended database blob auditing policy. + :type parameters: + ~azure.mgmt.sql.models.ExtendedDatabaseBlobAuditingPolicy + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ExtendedDatabaseBlobAuditingPolicy or ClientRawResponse if + raw=true + :rtype: ~azure.mgmt.sql.models.ExtendedDatabaseBlobAuditingPolicy or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'databaseName': self._serialize.url("database_name", database_name, 'str'), + 'blobAuditingPolicyName': self._serialize.url("self.blob_auditing_policy_name", self.blob_auditing_policy_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'ExtendedDatabaseBlobAuditingPolicy') + + # Construct and send request + request = self._client.put(url, query_parameters) + response = self._client.send( + request, header_parameters, body_content, stream=False, **operation_config) + + if response.status_code not in [200, 201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ExtendedDatabaseBlobAuditingPolicy', response) + if response.status_code == 201: + deserialized = self._deserialize('ExtendedDatabaseBlobAuditingPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/extendedAuditingSettings/{blobAuditingPolicyName}'} diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/extended_server_blob_auditing_policies_operations.py b/azure-mgmt-sql/azure/mgmt/sql/operations/extended_server_blob_auditing_policies_operations.py new file mode 100644 index 000000000000..02830132aa3f --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/extended_server_blob_auditing_policies_operations.py @@ -0,0 +1,213 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError +from msrest.polling import LROPoller, NoPolling +from msrestazure.polling.arm_polling import ARMPolling + +from .. import models + + +class ExtendedServerBlobAuditingPoliciesOperations(object): + """ExtendedServerBlobAuditingPoliciesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar blob_auditing_policy_name: The name of the blob auditing policy. Constant value: "default". + :ivar api_version: The API version to use for the request. Constant value: "2017-03-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.blob_auditing_policy_name = "default" + self.api_version = "2017-03-01-preview" + + self.config = config + + def get( + self, resource_group_name, server_name, custom_headers=None, raw=False, **operation_config): + """Gets an extended server's blob auditing policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ExtendedServerBlobAuditingPolicy or ClientRawResponse if + raw=true + :rtype: ~azure.mgmt.sql.models.ExtendedServerBlobAuditingPolicy or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'blobAuditingPolicyName': self._serialize.url("self.blob_auditing_policy_name", self.blob_auditing_policy_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters) + response = self._client.send(request, header_parameters, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ExtendedServerBlobAuditingPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/extendedAuditingSettings/{blobAuditingPolicyName}'} + + + def _create_or_update_initial( + self, resource_group_name, server_name, parameters, custom_headers=None, raw=False, **operation_config): + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'blobAuditingPolicyName': self._serialize.url("self.blob_auditing_policy_name", self.blob_auditing_policy_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'ExtendedServerBlobAuditingPolicy') + + # Construct and send request + request = self._client.put(url, query_parameters) + response = self._client.send( + request, header_parameters, body_content, stream=False, **operation_config) + + if response.status_code not in [200, 202]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ExtendedServerBlobAuditingPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + + def create_or_update( + self, resource_group_name, server_name, parameters, custom_headers=None, raw=False, polling=True, **operation_config): + """Creates or updates an extended server's blob auditing policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param parameters: Properties of extended blob auditing policy + :type parameters: + ~azure.mgmt.sql.models.ExtendedServerBlobAuditingPolicy + :param dict custom_headers: headers that will be added to the request + :param bool raw: The poller return type is ClientRawResponse, the + direct response alongside the deserialized response + :param polling: True for ARMPolling, False for no polling, or a + polling object for personal polling strategy + :return: An instance of LROPoller that returns + ExtendedServerBlobAuditingPolicy or + ClientRawResponse if raw==True + :rtype: + ~msrestazure.azure_operation.AzureOperationPoller[~azure.mgmt.sql.models.ExtendedServerBlobAuditingPolicy] + or + ~msrestazure.azure_operation.AzureOperationPoller[~msrest.pipeline.ClientRawResponse[~azure.mgmt.sql.models.ExtendedServerBlobAuditingPolicy]] + :raises: :class:`CloudError` + """ + raw_result = self._create_or_update_initial( + resource_group_name=resource_group_name, + server_name=server_name, + parameters=parameters, + custom_headers=custom_headers, + raw=True, + **operation_config + ) + + def get_long_running_output(response): + deserialized = self._deserialize('ExtendedServerBlobAuditingPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + + lro_delay = operation_config.get( + 'long_running_operation_timeout', + self.config.long_running_operation_timeout) + if polling is True: polling_method = ARMPolling(lro_delay, **operation_config) + elif polling is False: polling_method = NoPolling() + else: polling_method = polling + return LROPoller(self._client, raw_result, get_long_running_output, polling_method) + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/extendedAuditingSettings/{blobAuditingPolicyName}'} diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/sensitivity_labels_operations.py b/azure-mgmt-sql/azure/mgmt/sql/operations/sensitivity_labels_operations.py new file mode 100644 index 000000000000..656ef40de187 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/sensitivity_labels_operations.py @@ -0,0 +1,360 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class SensitivityLabelsOperations(object): + """SensitivityLabelsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: The API version to use for the request. Constant value: "2017-03-01-preview". + :ivar sensitivity_label_source: The source of the sensitivity label. Constant value: "current". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2017-03-01-preview" + self.sensitivity_label_source = "current" + + self.config = config + + def list_by_database( + self, resource_group_name, server_name, database_name, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets the sensitivity labels of a given database. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param database_name: The name of the database. + :type database_name: str + :param filter: An OData filter expression that filters elements in the + collection. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of SensitivityLabel + :rtype: + ~azure.mgmt.sql.models.SensitivityLabelPaged[~azure.mgmt.sql.models.SensitivityLabel] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list_by_database.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'databaseName': self._serialize.url("database_name", database_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters) + response = self._client.send( + request, header_parameters, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.SensitivityLabelPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.SensitivityLabelPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list_by_database.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/sensitivityLabels'} + + def get( + self, resource_group_name, server_name, database_name, schema_name, table_name, column_name, sensitivity_label_source, custom_headers=None, raw=False, **operation_config): + """Gets the sensitivity label of a given column. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param database_name: The name of the database. + :type database_name: str + :param schema_name: The name of the schema. + :type schema_name: str + :param table_name: The name of the table. + :type table_name: str + :param column_name: The name of the column. + :type column_name: str + :param sensitivity_label_source: The source of the sensitivity label. + Possible values include: 'current', 'recommended' + :type sensitivity_label_source: str or + ~azure.mgmt.sql.models.SensitivityLabelSource + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: SensitivityLabel or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.sql.models.SensitivityLabel or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'databaseName': self._serialize.url("database_name", database_name, 'str'), + 'schemaName': self._serialize.url("schema_name", schema_name, 'str'), + 'tableName': self._serialize.url("table_name", table_name, 'str'), + 'columnName': self._serialize.url("column_name", column_name, 'str'), + 'sensitivityLabelSource': self._serialize.url("sensitivity_label_source", sensitivity_label_source, 'SensitivityLabelSource'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters) + response = self._client.send(request, header_parameters, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('SensitivityLabel', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/schemas/{schemaName}/tables/{tableName}/columns/{columnName}/sensitivityLabels/{sensitivityLabelSource}'} + + def create_or_update( + self, resource_group_name, server_name, database_name, schema_name, table_name, column_name, label_name=None, information_type=None, custom_headers=None, raw=False, **operation_config): + """Creates or updates the sensitivity label of a given column. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param database_name: The name of the database. + :type database_name: str + :param schema_name: The name of the schema. + :type schema_name: str + :param table_name: The name of the table. + :type table_name: str + :param column_name: The name of the column. + :type column_name: str + :param label_name: The label name. + :type label_name: str + :param information_type: The information type. + :type information_type: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: SensitivityLabel or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.sql.models.SensitivityLabel or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + parameters = models.SensitivityLabel(label_name=label_name, information_type=information_type) + + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'databaseName': self._serialize.url("database_name", database_name, 'str'), + 'schemaName': self._serialize.url("schema_name", schema_name, 'str'), + 'tableName': self._serialize.url("table_name", table_name, 'str'), + 'columnName': self._serialize.url("column_name", column_name, 'str'), + 'sensitivityLabelSource': self._serialize.url("self.sensitivity_label_source", self.sensitivity_label_source, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'SensitivityLabel') + + # Construct and send request + request = self._client.put(url, query_parameters) + response = self._client.send( + request, header_parameters, body_content, stream=False, **operation_config) + + if response.status_code not in [200, 201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('SensitivityLabel', response) + if response.status_code == 201: + deserialized = self._deserialize('SensitivityLabel', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/schemas/{schemaName}/tables/{tableName}/columns/{columnName}/sensitivityLabels/{sensitivityLabelSource}'} + + def delete( + self, resource_group_name, server_name, database_name, schema_name, table_name, column_name, custom_headers=None, raw=False, **operation_config): + """Deletes the sensitivity label of a given column. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param database_name: The name of the database. + :type database_name: str + :param schema_name: The name of the schema. + :type schema_name: str + :param table_name: The name of the table. + :type table_name: str + :param column_name: The name of the column. + :type column_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'databaseName': self._serialize.url("database_name", database_name, 'str'), + 'schemaName': self._serialize.url("schema_name", schema_name, 'str'), + 'tableName': self._serialize.url("table_name", table_name, 'str'), + 'columnName': self._serialize.url("column_name", column_name, 'str'), + 'sensitivityLabelSource': self._serialize.url("self.sensitivity_label_source", self.sensitivity_label_source, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters) + response = self._client.send(request, header_parameters, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/schemas/{schemaName}/tables/{tableName}/columns/{columnName}/sensitivityLabels/{sensitivityLabelSource}'} diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/server_blob_auditing_policies_operations.py b/azure-mgmt-sql/azure/mgmt/sql/operations/server_blob_auditing_policies_operations.py new file mode 100644 index 000000000000..ae38710656f9 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/server_blob_auditing_policies_operations.py @@ -0,0 +1,211 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError +from msrest.polling import LROPoller, NoPolling +from msrestazure.polling.arm_polling import ARMPolling + +from .. import models + + +class ServerBlobAuditingPoliciesOperations(object): + """ServerBlobAuditingPoliciesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar blob_auditing_policy_name: The name of the blob auditing policy. Constant value: "default". + :ivar api_version: The API version to use for the request. Constant value: "2017-03-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.blob_auditing_policy_name = "default" + self.api_version = "2017-03-01-preview" + + self.config = config + + def get( + self, resource_group_name, server_name, custom_headers=None, raw=False, **operation_config): + """Gets a server's blob auditing policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ServerBlobAuditingPolicy or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.sql.models.ServerBlobAuditingPolicy or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'blobAuditingPolicyName': self._serialize.url("self.blob_auditing_policy_name", self.blob_auditing_policy_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters) + response = self._client.send(request, header_parameters, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ServerBlobAuditingPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/auditingSettings/{blobAuditingPolicyName}'} + + + def _create_or_update_initial( + self, resource_group_name, server_name, parameters, custom_headers=None, raw=False, **operation_config): + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'blobAuditingPolicyName': self._serialize.url("self.blob_auditing_policy_name", self.blob_auditing_policy_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'ServerBlobAuditingPolicy') + + # Construct and send request + request = self._client.put(url, query_parameters) + response = self._client.send( + request, header_parameters, body_content, stream=False, **operation_config) + + if response.status_code not in [200, 202]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ServerBlobAuditingPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + + def create_or_update( + self, resource_group_name, server_name, parameters, custom_headers=None, raw=False, polling=True, **operation_config): + """Creates or updates a server's blob auditing policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param parameters: Properties of blob auditing policy + :type parameters: ~azure.mgmt.sql.models.ServerBlobAuditingPolicy + :param dict custom_headers: headers that will be added to the request + :param bool raw: The poller return type is ClientRawResponse, the + direct response alongside the deserialized response + :param polling: True for ARMPolling, False for no polling, or a + polling object for personal polling strategy + :return: An instance of LROPoller that returns + ServerBlobAuditingPolicy or + ClientRawResponse if raw==True + :rtype: + ~msrestazure.azure_operation.AzureOperationPoller[~azure.mgmt.sql.models.ServerBlobAuditingPolicy] + or + ~msrestazure.azure_operation.AzureOperationPoller[~msrest.pipeline.ClientRawResponse[~azure.mgmt.sql.models.ServerBlobAuditingPolicy]] + :raises: :class:`CloudError` + """ + raw_result = self._create_or_update_initial( + resource_group_name=resource_group_name, + server_name=server_name, + parameters=parameters, + custom_headers=custom_headers, + raw=True, + **operation_config + ) + + def get_long_running_output(response): + deserialized = self._deserialize('ServerBlobAuditingPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + + lro_delay = operation_config.get( + 'long_running_operation_timeout', + self.config.long_running_operation_timeout) + if polling is True: polling_method = ARMPolling(lro_delay, **operation_config) + elif polling is False: polling_method = NoPolling() + else: polling_method = polling + return LROPoller(self._client, raw_result, get_long_running_output, polling_method) + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/auditingSettings/{blobAuditingPolicyName}'} diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/server_security_alert_policies_operations.py b/azure-mgmt-sql/azure/mgmt/sql/operations/server_security_alert_policies_operations.py new file mode 100644 index 000000000000..ddbd335574b4 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/server_security_alert_policies_operations.py @@ -0,0 +1,211 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError +from msrest.polling import LROPoller, NoPolling +from msrestazure.polling.arm_polling import ARMPolling + +from .. import models + + +class ServerSecurityAlertPoliciesOperations(object): + """ServerSecurityAlertPoliciesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar security_alert_policy_name: The name of the security alert policy. Constant value: "Default". + :ivar api_version: The API version to use for the request. Constant value: "2017-03-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.security_alert_policy_name = "Default" + self.api_version = "2017-03-01-preview" + + self.config = config + + def get( + self, resource_group_name, server_name, custom_headers=None, raw=False, **operation_config): + """Get a server's security alert policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ServerSecurityAlertPolicy or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.sql.models.ServerSecurityAlertPolicy or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'securityAlertPolicyName': self._serialize.url("self.security_alert_policy_name", self.security_alert_policy_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters) + response = self._client.send(request, header_parameters, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ServerSecurityAlertPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/securityAlertPolicies/{securityAlertPolicyName}'} + + + def _create_or_update_initial( + self, resource_group_name, server_name, parameters, custom_headers=None, raw=False, **operation_config): + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'securityAlertPolicyName': self._serialize.url("self.security_alert_policy_name", self.security_alert_policy_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'ServerSecurityAlertPolicy') + + # Construct and send request + request = self._client.put(url, query_parameters) + response = self._client.send( + request, header_parameters, body_content, stream=False, **operation_config) + + if response.status_code not in [200, 202]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ServerSecurityAlertPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + + def create_or_update( + self, resource_group_name, server_name, parameters, custom_headers=None, raw=False, polling=True, **operation_config): + """Creates or updates a threat detection policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param parameters: The server security alert policy. + :type parameters: ~azure.mgmt.sql.models.ServerSecurityAlertPolicy + :param dict custom_headers: headers that will be added to the request + :param bool raw: The poller return type is ClientRawResponse, the + direct response alongside the deserialized response + :param polling: True for ARMPolling, False for no polling, or a + polling object for personal polling strategy + :return: An instance of LROPoller that returns + ServerSecurityAlertPolicy or + ClientRawResponse if raw==True + :rtype: + ~msrestazure.azure_operation.AzureOperationPoller[~azure.mgmt.sql.models.ServerSecurityAlertPolicy] + or + ~msrestazure.azure_operation.AzureOperationPoller[~msrest.pipeline.ClientRawResponse[~azure.mgmt.sql.models.ServerSecurityAlertPolicy]] + :raises: :class:`CloudError` + """ + raw_result = self._create_or_update_initial( + resource_group_name=resource_group_name, + server_name=server_name, + parameters=parameters, + custom_headers=custom_headers, + raw=True, + **operation_config + ) + + def get_long_running_output(response): + deserialized = self._deserialize('ServerSecurityAlertPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + + lro_delay = operation_config.get( + 'long_running_operation_timeout', + self.config.long_running_operation_timeout) + if polling is True: polling_method = ARMPolling(lro_delay, **operation_config) + elif polling is False: polling_method = NoPolling() + else: polling_method = polling + return LROPoller(self._client, raw_result, get_long_running_output, polling_method) + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/securityAlertPolicies/{securityAlertPolicyName}'} diff --git a/azure-mgmt-sql/azure/mgmt/sql/sql_management_client.py b/azure-mgmt-sql/azure/mgmt/sql/sql_management_client.py index defe2f7f99eb..b1ff7e733b52 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/sql_management_client.py +++ b/azure-mgmt-sql/azure/mgmt/sql/sql_management_client.py @@ -36,7 +36,6 @@ from .operations.transparent_data_encryption_activities_operations import TransparentDataEncryptionActivitiesOperations from .operations.server_usages_operations import ServerUsagesOperations from .operations.database_usages_operations import DatabaseUsagesOperations -from .operations.database_blob_auditing_policies_operations import DatabaseBlobAuditingPoliciesOperations from .operations.database_automatic_tuning_operations import DatabaseAutomaticTuningOperations from .operations.encryption_protectors_operations import EncryptionProtectorsOperations from .operations.failover_groups_operations import FailoverGroupsOperations @@ -48,6 +47,10 @@ from .operations.sync_members_operations import SyncMembersOperations from .operations.subscription_usages_operations import SubscriptionUsagesOperations from .operations.virtual_network_rules_operations import VirtualNetworkRulesOperations +from .operations.extended_database_blob_auditing_policies_operations import ExtendedDatabaseBlobAuditingPoliciesOperations +from .operations.extended_server_blob_auditing_policies_operations import ExtendedServerBlobAuditingPoliciesOperations +from .operations.server_blob_auditing_policies_operations import ServerBlobAuditingPoliciesOperations +from .operations.database_blob_auditing_policies_operations import DatabaseBlobAuditingPoliciesOperations from .operations.database_vulnerability_assessment_rule_baselines_operations import DatabaseVulnerabilityAssessmentRuleBaselinesOperations from .operations.database_vulnerability_assessments_operations import DatabaseVulnerabilityAssessmentsOperations from .operations.job_agents_operations import JobAgentsOperations @@ -62,8 +65,10 @@ from .operations.long_term_retention_backups_operations import LongTermRetentionBackupsOperations from .operations.backup_long_term_retention_policies_operations import BackupLongTermRetentionPoliciesOperations from .operations.managed_databases_operations import ManagedDatabasesOperations +from .operations.sensitivity_labels_operations import SensitivityLabelsOperations from .operations.server_automatic_tuning_operations import ServerAutomaticTuningOperations from .operations.server_dns_aliases_operations import ServerDnsAliasesOperations +from .operations.server_security_alert_policies_operations import ServerSecurityAlertPoliciesOperations from .operations.restore_points_operations import RestorePointsOperations from .operations.database_operations import DatabaseOperations from .operations.elastic_pool_operations import ElasticPoolOperations @@ -161,8 +166,6 @@ class SqlManagementClient(SDKClient): :vartype server_usages: azure.mgmt.sql.operations.ServerUsagesOperations :ivar database_usages: DatabaseUsages operations :vartype database_usages: azure.mgmt.sql.operations.DatabaseUsagesOperations - :ivar database_blob_auditing_policies: DatabaseBlobAuditingPolicies operations - :vartype database_blob_auditing_policies: azure.mgmt.sql.operations.DatabaseBlobAuditingPoliciesOperations :ivar database_automatic_tuning: DatabaseAutomaticTuning operations :vartype database_automatic_tuning: azure.mgmt.sql.operations.DatabaseAutomaticTuningOperations :ivar encryption_protectors: EncryptionProtectors operations @@ -185,6 +188,14 @@ class SqlManagementClient(SDKClient): :vartype subscription_usages: azure.mgmt.sql.operations.SubscriptionUsagesOperations :ivar virtual_network_rules: VirtualNetworkRules operations :vartype virtual_network_rules: azure.mgmt.sql.operations.VirtualNetworkRulesOperations + :ivar extended_database_blob_auditing_policies: ExtendedDatabaseBlobAuditingPolicies operations + :vartype extended_database_blob_auditing_policies: azure.mgmt.sql.operations.ExtendedDatabaseBlobAuditingPoliciesOperations + :ivar extended_server_blob_auditing_policies: ExtendedServerBlobAuditingPolicies operations + :vartype extended_server_blob_auditing_policies: azure.mgmt.sql.operations.ExtendedServerBlobAuditingPoliciesOperations + :ivar server_blob_auditing_policies: ServerBlobAuditingPolicies operations + :vartype server_blob_auditing_policies: azure.mgmt.sql.operations.ServerBlobAuditingPoliciesOperations + :ivar database_blob_auditing_policies: DatabaseBlobAuditingPolicies operations + :vartype database_blob_auditing_policies: azure.mgmt.sql.operations.DatabaseBlobAuditingPoliciesOperations :ivar database_vulnerability_assessment_rule_baselines: DatabaseVulnerabilityAssessmentRuleBaselines operations :vartype database_vulnerability_assessment_rule_baselines: azure.mgmt.sql.operations.DatabaseVulnerabilityAssessmentRuleBaselinesOperations :ivar database_vulnerability_assessments: DatabaseVulnerabilityAssessments operations @@ -213,10 +224,14 @@ class SqlManagementClient(SDKClient): :vartype backup_long_term_retention_policies: azure.mgmt.sql.operations.BackupLongTermRetentionPoliciesOperations :ivar managed_databases: ManagedDatabases operations :vartype managed_databases: azure.mgmt.sql.operations.ManagedDatabasesOperations + :ivar sensitivity_labels: SensitivityLabels operations + :vartype sensitivity_labels: azure.mgmt.sql.operations.SensitivityLabelsOperations :ivar server_automatic_tuning: ServerAutomaticTuning operations :vartype server_automatic_tuning: azure.mgmt.sql.operations.ServerAutomaticTuningOperations :ivar server_dns_aliases: ServerDnsAliases operations :vartype server_dns_aliases: azure.mgmt.sql.operations.ServerDnsAliasesOperations + :ivar server_security_alert_policies: ServerSecurityAlertPolicies operations + :vartype server_security_alert_policies: azure.mgmt.sql.operations.ServerSecurityAlertPoliciesOperations :ivar restore_points: RestorePoints operations :vartype restore_points: azure.mgmt.sql.operations.RestorePointsOperations :ivar database_operations: DatabaseOperations operations @@ -301,8 +316,6 @@ def __init__( self._client, self.config, self._serialize, self._deserialize) self.database_usages = DatabaseUsagesOperations( self._client, self.config, self._serialize, self._deserialize) - self.database_blob_auditing_policies = DatabaseBlobAuditingPoliciesOperations( - self._client, self.config, self._serialize, self._deserialize) self.database_automatic_tuning = DatabaseAutomaticTuningOperations( self._client, self.config, self._serialize, self._deserialize) self.encryption_protectors = EncryptionProtectorsOperations( @@ -325,6 +338,14 @@ def __init__( self._client, self.config, self._serialize, self._deserialize) self.virtual_network_rules = VirtualNetworkRulesOperations( self._client, self.config, self._serialize, self._deserialize) + self.extended_database_blob_auditing_policies = ExtendedDatabaseBlobAuditingPoliciesOperations( + self._client, self.config, self._serialize, self._deserialize) + self.extended_server_blob_auditing_policies = ExtendedServerBlobAuditingPoliciesOperations( + self._client, self.config, self._serialize, self._deserialize) + self.server_blob_auditing_policies = ServerBlobAuditingPoliciesOperations( + self._client, self.config, self._serialize, self._deserialize) + self.database_blob_auditing_policies = DatabaseBlobAuditingPoliciesOperations( + self._client, self.config, self._serialize, self._deserialize) self.database_vulnerability_assessment_rule_baselines = DatabaseVulnerabilityAssessmentRuleBaselinesOperations( self._client, self.config, self._serialize, self._deserialize) self.database_vulnerability_assessments = DatabaseVulnerabilityAssessmentsOperations( @@ -353,10 +374,14 @@ def __init__( self._client, self.config, self._serialize, self._deserialize) self.managed_databases = ManagedDatabasesOperations( self._client, self.config, self._serialize, self._deserialize) + self.sensitivity_labels = SensitivityLabelsOperations( + self._client, self.config, self._serialize, self._deserialize) self.server_automatic_tuning = ServerAutomaticTuningOperations( self._client, self.config, self._serialize, self._deserialize) self.server_dns_aliases = ServerDnsAliasesOperations( self._client, self.config, self._serialize, self._deserialize) + self.server_security_alert_policies = ServerSecurityAlertPoliciesOperations( + self._client, self.config, self._serialize, self._deserialize) self.restore_points = RestorePointsOperations( self._client, self.config, self._serialize, self._deserialize) self.database_operations = DatabaseOperations(